WebSSO support
* WebSSO support
* Run keystone under apache2
* Remove trailing whitespaces
Change-Id: I7ccd9dbf57571a03471bb06c961079f4bd099ff8
diff --git a/keystone/files/liberty/keystone.conf.Debian b/keystone/files/liberty/keystone.conf.Debian
index 48cb53f..e52f532 100644
--- a/keystone/files/liberty/keystone.conf.Debian
+++ b/keystone/files/liberty/keystone.conf.Debian
@@ -301,6 +301,11 @@
# Allowed authentication methods. (list value)
#methods = external,password,token,oauth1
+{% if server.websso is defined %}
+methods = external,password,token,{{ server.websso.protocol }}
+{{ server.websso.protocol }} = keystone.auth.plugins.mapped.Mapped
+{%- endif %}
+
# Entrypoint for the password auth plugin module in the keystone.auth.password
# namespace. (string value)
#password = <None>
@@ -318,6 +323,10 @@
# namespace. (string value)
#oauth1 = <None>
+{% if server.websso is defined %}
+[{{ server.websso.protocol }}]
+remote_id_attribute = {{ server.websso.remote_id_attribute }}
+{%- endif %}
[cache]
@@ -780,6 +789,9 @@
# Entrypoint for the federation backend driver in the keystone.federation
# namespace. (string value)
#driver = sql
+{% if server.websso is defined %}
+driver = {{ server.websso.federation_driver }}
+{%- endif %}
# Value to be used when filtering assertion parameters from the environment.
# (string value)
@@ -802,6 +814,13 @@
# example: trusted_dashboard=http://acme.com trusted_dashboard=http://beta.com
# (multi valued)
#trusted_dashboard =
+{%- if server.websso is defined %}
+{%- if server.websso.trusted_dashboard is defined %}
+{%- for dashboard in server.websso.trusted_dashboard %}
+trusted_dashboard = {{ dashboard }}
+{%- endfor %}
+{%- endif %}
+{%- endif %}
# Location of Single Sign-On callback handler, will return a token to a trusted
# dashboard host. (string value)